Lucene search
K

61 matches found

CVE
CVE
added 2025/03/03 3:51 p.m.64 views

CVE-2025-27094

CVE-2025-27094 affects Tuleap Community Edition 16.4.99.1739806825–16.4.99.1739877910 and Tuleap Enterprise Edition prior to 16.3-9 or 16.4-4. The issue allows a user with tracker access to force-reset certain field configurations, leading to potential information loss; specific attributes for da...

5.4CVSS5.4AI score0.00337EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2025/01/27 10:15 p.m.8 views

CVE-2025-24087

The issue was addressed with additional permissions checks. This issue is fixed in macOS Sequoia 15.3. An app may be able to access protected user data...

5.5CVSS0.00213EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2025/01/13 8:41 p.m.18 views

CVE-2025-22134

When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does not properly end visual mode and therefore may try to access beyond the end of a line in a buffer. In Patch 9.1.1003 Vim will correctly reset the visu...

5.5CVSS7.2AI score0.00367EPSS
Exploits0References4
OSV
OSV
added 2024/12/12 2:15 a.m.4 views

CVE-2024-54504

A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15.2. An app may be able to access user-sensitive data...

5.5CVSS5.8AI score0.00207EPSS
Exploits0References2
CVE
CVE
added 2024/10/28 9:8 p.m.52 views

CVE-2024-44122

CVE-2024-44122 is a logic-issue affecting macOS that could allow an application to break out of its sandbox. The provided sources confirm fixes in macOS Ventura 13.7.1, macOS Sequoia 15, and macOS Sonoma 14.7.1. The vulnerability is described as a sandbox-escape risk resolved by improved checks; ...

8.8CVSS5.8AI score0.00265EPSS
Exploits0References6Affected Software1
OSV
OSV
added 2024/09/17 12:15 a.m.4 views

CVE-2024-27795

A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A camera extension may be able to access the internet...

7.5CVSS5.8AI score0.00501EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2024/08/21 12:6 a.m.17 views

CVE-2024-43880

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrumaclerp: Fix object nesting warning ACLs in Spectrum-2 and newer ASICs can reside in the algorithmic TCAM A-TCAM or in the ordinary circuit TCAM C-TCAM. The former can contain more ACLs i.e., tc filters, but the...

5.5CVSS5.6AI score0.00218EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2024/07/29 10:16 p.m.21 views

CVE-2024-40836

A logic issue was addressed with improved checks. This issue is fixed in iOS 16.7.9 and iPadOS 16.7.9, iOS 17.6 and iPadOS 17.6, macOS Sonoma 14.6, watchOS 10.6. A shortcut may be able to use sensitive data with certain actions without prompting the user...

5.8AI score0.00555EPSS
Exploits0References4
NVD
NVD
added 2024/05/21 4:15 p.m.37 views

CVE-2023-52704

In the Linux kernel, the following vulnerability has been resolved: freezer,umh: Fix callusermodehelperexec vs SIGKILL Tetsuo-San noted that commit f5d39b020809 "freezer,sched: Rewrite core freezer logic" broke callusermodehelperexec for the KILLABLE case. Specifically it was missed that the...

5.5CVSS6.6AI score0.00205EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/05/13 11:0 p.m.33 views

CVE-2024-27816

A logic issue was addressed with improved checks. This issue is fixed in iOS 17.5 and iPadOS 17.5, macOS Sonoma 14.5, tvOS 17.5, watchOS 10.5. An attacker may be able to access user data...

7.1AI score0.00985EPSS
Exploits0References4
Prion
Prion
added 2024/03/08 2:15 a.m.29 views

Code injection

A logic issue was addressed with improved state management. This issue is fixed in tvOS 17.4, macOS Sonoma 14.4, visionOS 1.1, iOS 17.4 and iPadOS 17.4, watchOS 10.4, iOS 16.7.6 and iPadOS 16.7.6, Safari 17.4. Processing maliciously crafted web content may prevent Content Security Policy from bei...

6.5AI score0.01486EPSS
Exploits0References12
Vulnrichment
Vulnrichment
added 2024/03/08 1:35 a.m.21 views

CVE-2024-23241

This issue was addressed through improved state management. This issue is fixed in iOS 17.4 and iPadOS 17.4, macOS Sonoma 14.4, tvOS 17.4. An app may be able to leak sensitive user information...

7.1AI score0.00441EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/10/25 6:31 p.m.18 views

CVE-2023-41997

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sonoma 14.1, watchOS 10.1, iOS 16.7.2 and iPadOS 16.7.2, iOS 17.1 and iPadOS 17.1. An attacker with physical access may be able to use Siri to access sensitive user data...

5.6AI score0.00457EPSS
Exploits0References12
Cvelist
Cvelist
added 2023/09/06 1:36 a.m.17 views

CVE-2023-32426

A logic issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3. An app may be able to gain root privileges...

8AI score0.00207EPSS
Exploits0References2
Code423n4
Code423n4
added 2023/05/08 12:0 a.m.10 views

Mitigation Confirmed for Mitigation of M-10: Issue mitigated

Mitigated issue M-10: Stuck ether when use function stake with empty derivativesderivativeCount = 0 The issue was that stake will accept payment but not issue safETH when derivativeCount == 0 or when all weightsi == 0. Mitigation review The proposed mitigation simply adds a requirederivativeCount...

6.8AI score
Exploits0
CVE
CVE
added 2023/05/08 12:0 a.m.80 views

CVE-2023-27943

CVE-2023-27943 relates to macOS/iOS quarantine handling for files downloaded from the internet. The vulnerability description notes that files may not have the quarantine flag applied, and Apple’s fix is described as “improved checks.” Public documents confirm affected platforms: macOS Ventura 13...

5.5CVSS4.3AI score0.00277EPSS
Exploits0References2Affected Software3
Prion
Prion
added 2022/12/01 6:15 a.m.23 views

Design/Logic Flaw

An arbitrary file upload vulnerability in Rocket TRUfusion Enterprise before 7.9.6.1 allows unauthenticated attackers to execute arbitrary code via a crafted JSP file. Issue fixed in version 7.9.6.1...

7.5CVSS9.6AI score0.0113EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/09/23 6:59 p.m.30 views

CVE-2022-32790

This issue was addressed with improved checks. This issue is fixed in tvOS 15.5, watchOS 8.6, iOS 15.5 and iPadOS 15.5, macOS Monterey 12.4, macOS Big Sur 11.6.6, Security Update 2022-004 Catalina. A remote user may be able to cause a denial-of-service...

7.3AI score0.0175EPSS
Exploits0References6
Hacker One
Hacker One
added 2022/08/16 4:15 a.m.25 views

Krisp: Card requirement bypass for business trial

Researcher found a way to bypass mandatory card attachment for business trial. The issue has been fixed now. We would like to thank @n0m3rcy for clear and detailed report...

6.9AI score
Exploits0
GitLab Advisory Database
GitLab Advisory Database
added 2022/07/29 12:0 a.m.28 views

Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query strings

An authenticated Admin user could craft HTTP requests to filter users by their salted and hashed passwords strings. These filters could be made by using partial hashed password strings. The response would not include the hashed passwords, but an attacker could infer partial password hashes and...

2.7CVSS3.3AI score0.00616EPSS
Exploits0References6Affected Software1
Rows per page
Query Builder